Re: [dmarc-ietf] ARC, DMARCbis WGLC - Issue 144 Mention of ARC in DMARCbis

John Levine <johnl@taugh.com> Tue, 02 April 2024 15:49 UTC

Date: Tue, 02 Apr 2024 11:49:18 -0400
Message-Id: <20240402154918.6477686B0508@ary.qy>
From: John Levine <johnl@taugh.com>
To: dmarc@ietf.org
Cc: superuser@gmail.com
In-Reply-To: <CAL0qLwZKWNsV_CZ7C4ep88soaquhFG6FswoyNDWdfJ4HB7pamQ@mail.gmail.com>
Organization: Taughannock Networks
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/_DFr4FDm5wi8cvSssUofg2IyPgU>

It appears that Murray S. Kucherawy <superuser@gmail.com> said:
>Can you give an example, even if only a hypothetical one?

I'm not Emmanuel but people at large mail systems have told me that
the biggest value of ARC is to deal with mailing lists that do lousy
spam filtering. Lists often let anything through that has the address
of a subscriber on the From: line. Mail systems see legit lists that
gush spam when some bot starts sending mail to the list with fake
subscriber addresses, because the bot herder is using address pairs
from stolen address books.

While we all know the reasons that you don't want to enforce DMARC on
the mail coming out of a mailing list, it makes a lot more sense to
enforce it on mail going into a list. You can use ARC to look back and
see if the mail was aligned on the way in and if not treat it as spam.

R's,
John
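
The look-back described in this message, as an added example (not part of the original post and not code from any ARC implementation): a receiver reads the ARC-Authentication-Results set sealed by the list and acts on the DMARC result the list recorded when the mail arrived. It assumes the receiver's own ARC verifier has already validated the chain cryptographically (passed in as `chain_valid`); `lists.example`, the sample headers and the verdict strings are constructed.

```python
import email
import re

# Constructed sample: ARC set i=1 was added by the list operator
# (lists.example, hypothetical) and records DMARC as evaluated on arrival.
SAMPLE = """\
ARC-Seal: i=1; a=rsa-sha256; d=lists.example; s=arc; cv=none; b=constructed
ARC-Authentication-Results: i=1; lists.example; spf=pass smtp.mailfrom=bot.example;
 dkim=none; dmarc=fail header.from=subscriber.example
From: Subscriber via List <list@lists.example>
Subject: [list] hello

body
"""

def tags(value):
    """Split 'k=v; k=v' header text into a dict; bare tokens are ignored."""
    pairs = (p.strip().split("=", 1) for p in value.split(";") if "=" in p)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def inbound_dmarc(raw, trusted_sealers, chain_valid):
    """Return the dmarc result a trusted list recorded on arrival, or None."""
    if not chain_valid:  # never believe ARC results from an unverified chain
        return None
    msg = email.message_from_string(raw)
    sealers = {}
    for seal in msg.get_all("ARC-Seal", []):
        t = tags(seal)
        sealers[t.get("i")] = t.get("d", "").lower()  # instance -> sealing domain
    results = {}
    for aar in msg.get_all("ARC-Authentication-Results", []):
        inst = re.match(r"\s*i=(\d+)", aar)
        dmarc = re.search(r"\bdmarc=(\w+)", aar)
        if inst and dmarc and sealers.get(inst.group(1)) in trusted_sealers:
            results[int(inst.group(1))] = dmarc.group(1).lower()
    # Earliest set sealed by a trusted list = that list's view of the inbound mail.
    return results[min(results)] if results else None

def verdict(raw, trusted_sealers, chain_valid=True):
    """Map the list's recorded inbound DMARC result to a local action."""
    result = inbound_dmarc(raw, trusted_sealers, chain_valid)
    if result is None:
        return "no-arc-evidence"
    return "accept" if result == "pass" else "treat-as-spam"
```

A result of `no-arc-evidence` means the look-back cannot be done for this message (no set from a trusted sealer, or the chain did not validate), so the decision falls back to whatever the receiver does without ARC.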